Re: Potential issues (security and otherwise) with the current cgroup-bpf API

From: Michal Hocko
Date: Thu Jan 19 2017 - 04:00:20 EST

Next message: Linus Walleij: "Re: [PATCH v2 3/3] gpio: Support gpio nexus dt bindings"
Previous message: Johannes Thumshirn: "Re: [PATCH 7/7] scsi: hisi_sas: decrease running_req in hisi_sas_slot_task_free()"
In reply to: Tejun Heo: "Re: Potential issues (security and otherwise) with the current cgroup-bpf API"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed 18-01-17 14:18:50, Tejun Heo wrote:
> Hello, Michal.
>
> On Tue, Jan 17, 2017 at 02:58:30PM +0100, Michal Hocko wrote:
> > This would require using hierarchical cgroup iterators to iterate over
>
> It does behave hierarchically.
>
> > tasks. As per Andy's testing this doesn't seem to be the case. I haven't
>
> That's not what Andy's testing showed. What that showed was that
> program in a child can override the one from its ancestor.

My fault, I've misread Andy's test case. I thought that the child group
simply disabled the bpf program and the one from the parent hasn't
executed.
--
Michal Hocko
SUSE Labs

Next message: Linus Walleij: "Re: [PATCH v2 3/3] gpio: Support gpio nexus dt bindings"
Previous message: Johannes Thumshirn: "Re: [PATCH 7/7] scsi: hisi_sas: decrease running_req in hisi_sas_slot_task_free()"
In reply to: Tejun Heo: "Re: Potential issues (security and otherwise) with the current cgroup-bpf API"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]